Patch Detail
get:
Show a patch.
patch:
Update a patch.
put:
Update a patch.
GET /api/patches/87471/?format=api
https://patches.dpdk.org/api/patches/87471/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/patch/20210128110140.13793-2-ktejasree@marvell.com/", "project": { "id": 1, "url": "https://patches.dpdk.org/api/projects/1/?format=api", "name": "DPDK", "link_name": "dpdk", "list_id": "dev.dpdk.org", "list_email": "dev@dpdk.org", "web_url": "http://core.dpdk.org", "scm_url": "git://dpdk.org/dpdk", "webscm_url": "http://git.dpdk.org/dpdk", "list_archive_url": "https://inbox.dpdk.org/dev", "list_archive_url_format": "https://inbox.dpdk.org/dev/{}", "commit_url_format": "" }, "msgid": "<20210128110140.13793-2-ktejasree@marvell.com>", "list_archive_url": "https://inbox.dpdk.org/dev/20210128110140.13793-2-ktejasree@marvell.com", "date": "2021-01-28T11:01:39", "name": "[v3,1/2] common/cpt: support DIGEST_ENCRYPTED mode", "commit_ref": null, "pull_url": null, "state": "superseded", "archived": true, "hash": "f6acc13df3d557b44a812a7c226619969bc22fb7", "submitter": { "id": 1789, "url": "https://patches.dpdk.org/api/people/1789/?format=api", "name": "Tejasree Kondoj", "email": "ktejasree@marvell.com" }, "delegate": { "id": 6690, "url": "https://patches.dpdk.org/api/users/6690/?format=api", "username": "akhil", "first_name": "akhil", "last_name": "goyal", "email": "gakhil@marvell.com" }, "mbox": "https://patches.dpdk.org/project/dpdk/patch/20210128110140.13793-2-ktejasree@marvell.com/mbox/", "series": [ { "id": 14997, "url": "https://patches.dpdk.org/api/series/14997/?format=api", "web_url": "https://patches.dpdk.org/project/dpdk/list/?series=14997", "date": "2021-01-28T11:01:38", "name": "support block cipher DIGEST_ENCRYPTED mode", "version": 3, "mbox": "https://patches.dpdk.org/series/14997/mbox/" } ], "comments": "https://patches.dpdk.org/api/patches/87471/comments/", "check": "success", "checks": "https://patches.dpdk.org/api/patches/87471/checks/", "tags": {}, "related": [], "headers": { "Return-Path": "<dev-bounces@dpdk.org>", "X-Original-To": "patchwork@inbox.dpdk.org", "Delivered-To": "patchwork@inbox.dpdk.org", "Received": [ "from mails.dpdk.org (mails.dpdk.org [217.70.189.124])\n\tby inbox.dpdk.org (Postfix) with ESMTP id 1FC11A09E4;\n\tThu, 28 Jan 2021 11:06:02 +0100 (CET)", "from [217.70.189.124] (localhost [127.0.0.1])\n\tby mails.dpdk.org (Postfix) with ESMTP id ECA9C4069F;\n\tThu, 28 Jan 2021 11:06:01 +0100 (CET)", "from mx0b-0016f401.pphosted.com (mx0b-0016f401.pphosted.com\n [67.231.156.173])\n by mails.dpdk.org (Postfix) with ESMTP id AA6B940699\n for <dev@dpdk.org>; Thu, 28 Jan 2021 11:06:00 +0100 (CET)", "from pps.filterd (m0045851.ppops.net [127.0.0.1])\n by mx0b-0016f401.pphosted.com (8.16.0.43/8.16.0.43) with SMTP id\n 10SA0EcA019968; Thu, 28 Jan 2021 02:05:59 -0800", "from dc5-exch02.marvell.com ([199.233.59.182])\n by mx0b-0016f401.pphosted.com with ESMTP id 36b1xpm0xv-1\n (version=TLSv1.2 cipher=ECDHE-RSA-AES256-SHA384 bits=256 verify=NOT);\n Thu, 28 Jan 2021 02:05:59 -0800", "from DC5-EXCH01.marvell.com (10.69.176.38) by DC5-EXCH02.marvell.com\n (10.69.176.39) with Microsoft SMTP Server (TLS) id 15.0.1497.2;\n Thu, 28 Jan 2021 02:05:58 -0800", "from maili.marvell.com (10.69.176.80) by DC5-EXCH01.marvell.com\n (10.69.176.38) with Microsoft SMTP Server id 15.0.1497.2 via Frontend\n Transport; Thu, 28 Jan 2021 02:05:57 -0800", "from hyd1554T5810.caveonetworks.com.com (unknown [10.29.57.11])\n by maili.marvell.com (Postfix) with ESMTP id C05AD3F703F;\n Thu, 28 Jan 2021 02:05:55 -0800 (PST)" ], "DKIM-Signature": "v=1; a=rsa-sha256; c=relaxed/relaxed; d=marvell.com;\n h=from : to : cc :\n subject : date : message-id : in-reply-to : references : mime-version :\n content-transfer-encoding : content-type; s=pfpt0220;\n bh=9tliS6SFcJ+bZkLA10m8JCVUlVhNTa/37LBs7uJC++A=;\n b=NXd9eX5VURQnta5HOVlCvzMKYCaq86IEny2e/wsOu5PlkojHDeS4a4V4MQWtAuqTrvFy\n hLy9YHY5nxCE9N9wT0y4/t4oLDL+65aQ+ONgIz7ET9fK6YcuiQRRkpgS8xsa1geyDxXU\n bBdB/5aU1+YF0MhJNLgP1iKQcCjAzTIzOkc7qozFUkdQL50HJfMEgWHk5q2Bu6jJNv7B\n 0e6eBf0GdBY3rFFz0VO4wqnoppWzl4V7clroIMwAcj1WBZYX8Mtan4jB6GKv+3bk0BJI\n 4LoG/sDK4y0xpi9Q02e/wt/ZCwfVJZJqK/BQGMxJl1FP6gXq9FKXjGlns8onENVTOUqM 3g==", "From": "Tejasree Kondoj <ktejasree@marvell.com>", "To": "Akhil Goyal <akhil.goyal@nxp.com>, Radu Nicolau <radu.nicolau@intel.com>", "CC": "Tejasree Kondoj <ktejasree@marvell.com>,\n Anoob Joseph <anoobj@marvell.com>,\n Ankur Dwivedi <adwivedi@marvell.com>, <dev@dpdk.org>", "Date": "Thu, 28 Jan 2021 16:31:39 +0530", "Message-ID": "<20210128110140.13793-2-ktejasree@marvell.com>", "X-Mailer": "git-send-email 2.27.0", "In-Reply-To": "<20210128110140.13793-1-ktejasree@marvell.com>", "References": "<20210128110140.13793-1-ktejasree@marvell.com>", "MIME-Version": "1.0", "Content-Transfer-Encoding": "8bit", "Content-Type": "text/plain", "X-Proofpoint-Virus-Version": "vendor=fsecure engine=2.50.10434:6.0.343, 18.0.737\n definitions=2021-01-28_05:2021-01-27,\n 2021-01-28 signatures=0", "Subject": "[dpdk-dev] [PATCH v3 1/2] common/cpt: support DIGEST_ENCRYPTED mode", "X-BeenThere": "dev@dpdk.org", "X-Mailman-Version": "2.1.29", "Precedence": "list", "List-Id": "DPDK patches and discussions <dev.dpdk.org>", "List-Unsubscribe": "<https://mails.dpdk.org/options/dev>,\n <mailto:dev-request@dpdk.org?subject=unsubscribe>", "List-Archive": "<http://mails.dpdk.org/archives/dev/>", "List-Post": "<mailto:dev@dpdk.org>", "List-Help": "<mailto:dev-request@dpdk.org?subject=help>", "List-Subscribe": "<https://mails.dpdk.org/listinfo/dev>,\n <mailto:dev-request@dpdk.org?subject=subscribe>", "Errors-To": "dev-bounces@dpdk.org", "Sender": "\"dev\" <dev-bounces@dpdk.org>" }, "content": "Adding support for DIGEST_ENCRYPTED mode.\n\nSigned-off-by: Tejasree Kondoj <ktejasree@marvell.com>\n---\n doc/guides/rel_notes/release_21_02.rst | 5 +++\n drivers/common/cpt/cpt_mcode_defines.h | 7 +++-\n drivers/common/cpt/cpt_ucode.h | 42 +++++++++++++++----\n drivers/crypto/octeontx/otx_cryptodev_ops.c | 11 +++--\n drivers/crypto/octeontx2/otx2_cryptodev.c | 3 +-\n drivers/crypto/octeontx2/otx2_cryptodev_ops.c | 8 +++-\n 6 files changed, 62 insertions(+), 14 deletions(-)", "diff": "diff --git a/doc/guides/rel_notes/release_21_02.rst b/doc/guides/rel_notes/release_21_02.rst\nindex e4b90a8e72..2864bdb2cc 100644\n--- a/doc/guides/rel_notes/release_21_02.rst\n+++ b/doc/guides/rel_notes/release_21_02.rst\n@@ -121,6 +121,7 @@ New Features\n PMD lookaside protocol offload for IPsec.\n * Added support for aes-cbc sha256-128-hmac cipher combination in OCTEON TX2\n crypto PMD lookaside protocol offload for IPsec.\n+ * Added support for DIGEST_ENCRYPTED mode in OCTEON TX2 crypto PMD.\n \n * **Added mlx5 compress PMD.**\n \n@@ -128,6 +129,10 @@ New Features\n \n See the :doc:`../compressdevs/mlx5` for more details.\n \n+* **Updated the OCTEON TX crypto PMD.**\n+\n+ * Added support for DIGEST_ENCRYPTED mode in OCTEON TX crypto PMD.\n+\n \n Removed Items\n -------------\ndiff --git a/drivers/common/cpt/cpt_mcode_defines.h b/drivers/common/cpt/cpt_mcode_defines.h\nindex 56a745f419..624bdcf3cf 100644\n--- a/drivers/common/cpt/cpt_mcode_defines.h\n+++ b/drivers/common/cpt/cpt_mcode_defines.h\n@@ -20,6 +20,9 @@\n #define CPT_MAJOR_OP_ZUC_SNOW3G\t0x37\n #define CPT_MAJOR_OP_KASUMI\t0x38\n #define CPT_MAJOR_OP_MISC\t0x01\n+#define CPT_HMAC_FIRST_BIT_POS\t0x4\n+#define CPT_FC_MINOR_OP_ENCRYPT\t0x0\n+#define CPT_FC_MINOR_OP_DECRYPT\t0x1\n \n /* AE opcodes */\n #define CPT_MAJOR_OP_MODEX\t0x03\n@@ -314,8 +317,10 @@ struct cpt_ctx {\n \tuint64_t hmac\t\t:1;\n \tuint64_t zsk_flags\t:3;\n \tuint64_t k_ecb\t\t:1;\n+\tuint64_t auth_enc\t:1;\n+\tuint64_t dec_auth\t:1;\n \tuint64_t snow3g\t\t:2;\n-\tuint64_t rsvd\t\t:21;\n+\tuint64_t rsvd\t\t:19;\n \t/* Below fields are accessed by hardware */\n \tunion {\n \t\tmc_fc_context_t fctx;\ndiff --git a/drivers/common/cpt/cpt_ucode.h b/drivers/common/cpt/cpt_ucode.h\nindex 0536620710..ee6d49aae7 100644\n--- a/drivers/common/cpt/cpt_ucode.h\n+++ b/drivers/common/cpt/cpt_ucode.h\n@@ -752,7 +752,9 @@ cpt_enc_hmac_prep(uint32_t flags,\n \n \t/* Encryption */\n \tvq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_FC;\n-\tvq_cmd_w0.s.opcode.minor = 0;\n+\tvq_cmd_w0.s.opcode.minor = CPT_FC_MINOR_OP_ENCRYPT;\n+\tvq_cmd_w0.s.opcode.minor |= (cpt_ctx->auth_enc <<\n+\t\t\t\t\tCPT_HMAC_FIRST_BIT_POS);\n \n \tif (hash_type == GMAC_TYPE) {\n \t\tencr_offset = 0;\n@@ -779,6 +781,9 @@ cpt_enc_hmac_prep(uint32_t flags,\n \t\toutputlen = enc_dlen + mac_len;\n \t}\n \n+\tif (cpt_ctx->auth_enc != 0)\n+\t\toutputlen = enc_dlen;\n+\n \t/* GP op header */\n \tvq_cmd_w0.s.param1 = encr_data_len;\n \tvq_cmd_w0.s.param2 = auth_data_len;\n@@ -1112,7 +1117,9 @@ cpt_dec_hmac_prep(uint32_t flags,\n \n \t/* Decryption */\n \tvq_cmd_w0.s.opcode.major = CPT_MAJOR_OP_FC;\n-\tvq_cmd_w0.s.opcode.minor = 1;\n+\tvq_cmd_w0.s.opcode.minor = CPT_FC_MINOR_OP_DECRYPT;\n+\tvq_cmd_w0.s.opcode.minor |= (cpt_ctx->dec_auth <<\n+\t\t\t\t\tCPT_HMAC_FIRST_BIT_POS);\n \n \tif (hash_type == GMAC_TYPE) {\n \t\tencr_offset = 0;\n@@ -1130,6 +1137,9 @@ cpt_dec_hmac_prep(uint32_t flags,\n \t\toutputlen = enc_dlen;\n \t}\n \n+\tif (cpt_ctx->dec_auth != 0)\n+\t\toutputlen = inputlen = enc_dlen;\n+\n \tvq_cmd_w0.s.param1 = encr_data_len;\n \tvq_cmd_w0.s.param2 = auth_data_len;\n \n@@ -2566,6 +2576,7 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform,\n \t\t struct cpt_sess_misc *sess)\n {\n \tstruct rte_crypto_cipher_xform *c_form;\n+\tstruct cpt_ctx *ctx = SESS_PRIV(sess);\n \tcipher_type_t enc_type = 0; /* NULL Cipher type */\n \tuint32_t cipher_key_len = 0;\n \tuint8_t zsk_flag = 0, aes_ctr = 0, is_null = 0;\n@@ -2574,9 +2585,14 @@ fill_sess_cipher(struct rte_crypto_sym_xform *xform,\n \n \tif (c_form->op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)\n \t\tsess->cpt_op |= CPT_OP_CIPHER_ENCRYPT;\n-\telse if (c_form->op == RTE_CRYPTO_CIPHER_OP_DECRYPT)\n+\telse if (c_form->op == RTE_CRYPTO_CIPHER_OP_DECRYPT) {\n \t\tsess->cpt_op |= CPT_OP_CIPHER_DECRYPT;\n-\telse {\n+\t\tif (xform->next != NULL &&\n+\t\t xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH) {\n+\t\t\t/* Perform decryption followed by auth verify */\n+\t\t\tctx->dec_auth = 1;\n+\t\t}\n+\t} else {\n \t\tCPT_LOG_DP_ERR(\"Unknown cipher operation\\n\");\n \t\treturn -1;\n \t}\n@@ -2667,10 +2683,18 @@ static __rte_always_inline int\n fill_sess_auth(struct rte_crypto_sym_xform *xform,\n \t struct cpt_sess_misc *sess)\n {\n+\tstruct cpt_ctx *ctx = SESS_PRIV(sess);\n \tstruct rte_crypto_auth_xform *a_form;\n \tauth_type_t auth_type = 0; /* NULL Auth type */\n \tuint8_t zsk_flag = 0, aes_gcm = 0, is_null = 0;\n \n+\tif (xform->next != NULL &&\n+\t xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&\n+\t xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT) {\n+\t\t/* Perform auth followed by encryption */\n+\t\tctx->auth_enc = 1;\n+\t}\n+\n \ta_form = &xform->auth;\n \n \tif (a_form->op == RTE_CRYPTO_AUTH_OP_VERIFY)\n@@ -2993,6 +3017,7 @@ fill_fc_params(struct rte_crypto_op *cop,\n {\n \tuint32_t space = 0;\n \tstruct rte_crypto_sym_op *sym_op = cop->sym;\n+\tstruct cpt_ctx *ctx = SESS_PRIV(sess_misc);\n \tvoid *mdata = NULL;\n \tuintptr_t *op;\n \tuint32_t mc_hash_off;\n@@ -3120,9 +3145,10 @@ fill_fc_params(struct rte_crypto_op *cop,\n \t\t\t\tm = m_src;\n \n \t\t\t/* hmac immediately following data is best case */\n-\t\t\tif (unlikely(rte_pktmbuf_mtod(m, uint8_t *) +\n+\t\t\tif (!ctx->dec_auth && !ctx->auth_enc &&\n+\t\t\t\t (unlikely(rte_pktmbuf_mtod(m, uint8_t *) +\n \t\t\t mc_hash_off !=\n-\t\t\t (uint8_t *)sym_op->auth.digest.data)) {\n+\t\t\t (uint8_t *)sym_op->auth.digest.data))) {\n \t\t\t\tflags |= VALID_MAC_BUF;\n \t\t\t\tfc_params.mac_buf.size =\n \t\t\t\t\tsess_misc->mac_len;\n@@ -3137,7 +3163,9 @@ fill_fc_params(struct rte_crypto_op *cop,\n \tfc_params.ctx_buf.vaddr = SESS_PRIV(sess_misc);\n \tfc_params.ctx_buf.dma_addr = sess_misc->ctx_dma_addr;\n \n-\tif (unlikely(sess_misc->is_null || sess_misc->cpt_op == CPT_OP_DECODE))\n+\tif (!ctx->dec_auth &&\n+\t\t unlikely(sess_misc->is_null ||\n+\t\t sess_misc->cpt_op == CPT_OP_DECODE))\n \t\tinplace = 0;\n \n \tif (likely(!m_dst && inplace)) {\ndiff --git a/drivers/crypto/octeontx/otx_cryptodev_ops.c b/drivers/crypto/octeontx/otx_cryptodev_ops.c\nindex 0cf760b296..f536ba6058 100644\n--- a/drivers/crypto/octeontx/otx_cryptodev_ops.c\n+++ b/drivers/crypto/octeontx/otx_cryptodev_ops.c\n@@ -205,12 +205,16 @@ sym_xform_verify(struct rte_crypto_sym_xform *xform)\n \tif (xform->next) {\n \t\tif (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&\n \t\t xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&\n-\t\t xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)\n+\t\t xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT &&\n+\t\t (xform->auth.algo != RTE_CRYPTO_AUTH_SHA1_HMAC ||\n+\t\t xform->next->cipher.algo != RTE_CRYPTO_CIPHER_AES_CBC))\n \t\t\treturn -ENOTSUP;\n \n \t\tif (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&\n \t\t xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT &&\n-\t\t xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)\n+\t\t xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&\n+\t\t (xform->cipher.algo != RTE_CRYPTO_CIPHER_AES_CBC ||\n+\t\t xform->next->auth.algo != RTE_CRYPTO_AUTH_SHA1_HMAC))\n \t\t\treturn -ENOTSUP;\n \n \t\tif (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&\n@@ -1004,7 +1008,8 @@ otx_cpt_dev_create(struct rte_cryptodev *c_dev)\n \t\t\t\tRTE_CRYPTODEV_FF_OOP_LB_IN_LB_OUT |\n \t\t\t\tRTE_CRYPTODEV_FF_OOP_SGL_IN_LB_OUT |\n \t\t\t\tRTE_CRYPTODEV_FF_OOP_SGL_IN_SGL_OUT |\n-\t\t\t\tRTE_CRYPTODEV_FF_SYM_SESSIONLESS;\n+\t\t\t\tRTE_CRYPTODEV_FF_SYM_SESSIONLESS |\n+\t\t\t\tRTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;\n \t\tbreak;\n \tdefault:\n \t\t/* Feature not supported. Abort */\ndiff --git a/drivers/crypto/octeontx2/otx2_cryptodev.c b/drivers/crypto/octeontx2/otx2_cryptodev.c\nindex e0a559b663..7f45e57cce 100644\n--- a/drivers/crypto/octeontx2/otx2_cryptodev.c\n+++ b/drivers/crypto/octeontx2/otx2_cryptodev.c\n@@ -123,7 +123,8 @@ otx2_cpt_pci_probe(struct rte_pci_driver *pci_drv __rte_unused,\n \t\t\t RTE_CRYPTODEV_FF_ASYMMETRIC_CRYPTO |\n \t\t\t RTE_CRYPTODEV_FF_RSA_PRIV_OP_KEY_QT |\n \t\t\t RTE_CRYPTODEV_FF_SYM_SESSIONLESS |\n-\t\t\t RTE_CRYPTODEV_FF_SECURITY;\n+\t\t\t RTE_CRYPTODEV_FF_SECURITY |\n+\t\t\t RTE_CRYPTODEV_FF_DIGEST_ENCRYPTED;\n \n \tif (rte_eal_process_type() == RTE_PROC_SECONDARY)\n \t\totx2_cpt_set_enqdeq_fns(dev);\ndiff --git a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c\nindex cec20b5c6d..fc4d5bac49 100644\n--- a/drivers/crypto/octeontx2/otx2_cryptodev_ops.c\n+++ b/drivers/crypto/octeontx2/otx2_cryptodev_ops.c\n@@ -322,12 +322,16 @@ sym_xform_verify(struct rte_crypto_sym_xform *xform)\n \tif (xform->next) {\n \t\tif (xform->type == RTE_CRYPTO_SYM_XFORM_AUTH &&\n \t\t xform->next->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&\n-\t\t xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT)\n+\t\t xform->next->cipher.op == RTE_CRYPTO_CIPHER_OP_ENCRYPT &&\n+\t\t (xform->auth.algo != RTE_CRYPTO_AUTH_SHA1_HMAC ||\n+\t\t xform->next->cipher.algo != RTE_CRYPTO_CIPHER_AES_CBC))\n \t\t\treturn -ENOTSUP;\n \n \t\tif (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&\n \t\t xform->cipher.op == RTE_CRYPTO_CIPHER_OP_DECRYPT &&\n-\t\t xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH)\n+\t\t xform->next->type == RTE_CRYPTO_SYM_XFORM_AUTH &&\n+\t\t (xform->cipher.algo != RTE_CRYPTO_CIPHER_AES_CBC ||\n+\t\t xform->next->auth.algo != RTE_CRYPTO_AUTH_SHA1_HMAC))\n \t\t\treturn -ENOTSUP;\n \n \t\tif (xform->type == RTE_CRYPTO_SYM_XFORM_CIPHER &&\n", "prefixes": [ "v3", "1/2" ] }{ "id": 87471, "url": "